-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | auth2-chall.c | 20 | ||||
-rw-r--r-- | auth2.c | 27 | ||||
-rw-r--r-- | compat.c | 18 | ||||
-rw-r--r-- | sshconnect2.c | 21 | ||||
-rw-r--r-- | sshd.c | 24 |
6 files changed, 61 insertions, 55 deletions
@@ -155,6 +155,10 @@ | |||
155 | - provos@cvs.openbsd.org 2002/01/13 17:27:07 | 155 | - provos@cvs.openbsd.org 2002/01/13 17:27:07 |
156 | [ssh-agent.c] | 156 | [ssh-agent.c] |
157 | change to use queue.h macros; okay markus@ | 157 | change to use queue.h macros; okay markus@ |
158 | - markus@cvs.openbsd.org 2002/01/13 17:57:37 | ||
159 | [auth2.c auth2-chall.c compat.c sshconnect2.c sshd.c] | ||
160 | use buffer API and avoid static strings of fixed size; | ||
161 | ok provos@/mouring@ | ||
158 | 162 | ||
159 | 163 | ||
160 | 20020121 | 164 | 20020121 |
@@ -7303,4 +7307,4 @@ | |||
7303 | - Wrote replacements for strlcpy and mkdtemp | 7307 | - Wrote replacements for strlcpy and mkdtemp |
7304 | - Released 1.0pre1 | 7308 | - Released 1.0pre1 |
7305 | 7309 | ||
7306 | $Id: ChangeLog,v 1.1767 2002/01/22 12:26:13 djm Exp $ | 7310 | $Id: ChangeLog,v 1.1768 2002/01/22 12:26:38 djm Exp $ |
diff --git a/auth2-chall.c b/auth2-chall.c index a1f96392e..9f1d93275 100644 --- a/auth2-chall.c +++ b/auth2-chall.c | |||
@@ -23,10 +23,11 @@ | |||
23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
24 | */ | 24 | */ |
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: auth2-chall.c,v 1.15 2002/01/11 23:02:51 markus Exp $"); | 26 | RCSID("$OpenBSD: auth2-chall.c,v 1.16 2002/01/13 17:57:37 markus Exp $"); |
27 | 27 | ||
28 | #include "ssh2.h" | 28 | #include "ssh2.h" |
29 | #include "auth.h" | 29 | #include "auth.h" |
30 | #include "buffer.h" | ||
30 | #include "packet.h" | 31 | #include "packet.h" |
31 | #include "xmalloc.h" | 32 | #include "xmalloc.h" |
32 | #include "dispatch.h" | 33 | #include "dispatch.h" |
@@ -68,22 +69,25 @@ static KbdintAuthctxt * | |||
68 | kbdint_alloc(const char *devs) | 69 | kbdint_alloc(const char *devs) |
69 | { | 70 | { |
70 | KbdintAuthctxt *kbdintctxt; | 71 | KbdintAuthctxt *kbdintctxt; |
72 | Buffer b; | ||
71 | int i; | 73 | int i; |
72 | char buf[1024]; | ||
73 | 74 | ||
74 | kbdintctxt = xmalloc(sizeof(KbdintAuthctxt)); | 75 | kbdintctxt = xmalloc(sizeof(KbdintAuthctxt)); |
75 | if (strcmp(devs, "") == 0) { | 76 | if (strcmp(devs, "") == 0) { |
76 | buf[0] = '\0'; | 77 | buffer_init(&b); |
77 | for (i = 0; devices[i]; i++) { | 78 | for (i = 0; devices[i]; i++) { |
78 | if (i != 0) | 79 | if (buffer_len(&b) > 0) |
79 | strlcat(buf, ",", sizeof(buf)); | 80 | buffer_append(&b, ",", 1); |
80 | strlcat(buf, devices[i]->name, sizeof(buf)); | 81 | buffer_append(&b, devices[i]->name, |
82 | strlen(devices[i]->name)); | ||
81 | } | 83 | } |
82 | debug("kbdint_alloc: devices '%s'", buf); | 84 | buffer_append(&b, "\0", 1); |
83 | kbdintctxt->devices = xstrdup(buf); | 85 | kbdintctxt->devices = xstrdup(buffer_ptr(&b)); |
86 | buffer_free(&b); | ||
84 | } else { | 87 | } else { |
85 | kbdintctxt->devices = xstrdup(devs); | 88 | kbdintctxt->devices = xstrdup(devs); |
86 | } | 89 | } |
90 | debug("kbdint_alloc: devices '%s'", kbdintctxt->devices); | ||
87 | kbdintctxt->ctxt = NULL; | 91 | kbdintctxt->ctxt = NULL; |
88 | kbdintctxt->device = NULL; | 92 | kbdintctxt->device = NULL; |
89 | 93 | ||
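Review bot: The join sequence in kbdint_alloc (the `buffer_len(&b) > 0` guard, the two `buffer_append` calls, the `"\0"` append, `xstrdup(buffer_ptr(&b))` and `buffer_free(&b)`) is written out by hand again in both authmethods_get functions (auth2.c and sshconnect2.c), in compat_cipher_proposal and in list_hostkey_types. The NUL append before `xstrdup` is what keeps the copy from reading past the buffer contents, so a single forgotten line in any of the five copies turns into an over-read. A pair of small helpers would hold that invariant in one place. The helper names below are placeholders, and kbdint_alloc continues past the end of this hunk.

```c
/* Append one name to the comma-separated list held in b. */
static void
list_append(Buffer *b, const char *name)
{
	if (buffer_len(b) > 0)
		buffer_append(b, ",", 1);
	buffer_append(b, name, strlen(name));
}

/* NUL-terminate b, return a heap copy and release b; caller xfree()s. */
static char *
list_finish(Buffer *b)
{
	char *s;

	buffer_append(b, "\0", 1);
	s = xstrdup(buffer_ptr(b));
	buffer_free(b);
	return s;
}

/* ... unchanged: kbdint_alloc up to buffer_init(&b) ... */
		for (i = 0; devices[i]; i++)
			list_append(&b, devices[i]->name);
		kbdintctxt->devices = list_finish(&b);
```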
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: auth2.c,v 1.81 2002/01/11 13:39:36 markus Exp $"); | 26 | RCSID("$OpenBSD: auth2.c,v 1.82 2002/01/13 17:57:37 markus Exp $"); |
27 | 27 | ||
28 | #include <openssl/evp.h> | 28 | #include <openssl/evp.h> |
29 | 29 | ||
@@ -588,31 +588,22 @@ static char * | |||
588 | authmethods_get(void) | 588 | authmethods_get(void) |
589 | { | 589 | { |
590 | Authmethod *method = NULL; | 590 | Authmethod *method = NULL; |
591 | u_int size = 0; | 591 | Buffer b; |
592 | char *list; | 592 | char *list; |
593 | 593 | ||
594 | buffer_init(&b); | ||
594 | for (method = authmethods; method->name != NULL; method++) { | 595 | for (method = authmethods; method->name != NULL; method++) { |
595 | if (strcmp(method->name, "none") == 0) | 596 | if (strcmp(method->name, "none") == 0) |
596 | continue; | 597 | continue; |
597 | if (method->enabled != NULL && *(method->enabled) != 0) { | 598 | if (method->enabled != NULL && *(method->enabled) != 0) { |
598 | if (size != 0) | 599 | if (buffer_len(&b) > 0) |
599 | size += strlen(DELIM); | 600 | buffer_append(&b, ",", 1); |
600 | size += strlen(method->name); | 601 | buffer_append(&b, method->name, strlen(method->name)); |
601 | } | ||
602 | } | ||
603 | size++; /* trailing '\0' */ | ||
604 | list = xmalloc(size); | ||
605 | list[0] = '\0'; | ||
606 | |||
607 | for (method = authmethods; method->name != NULL; method++) { | ||
608 | if (strcmp(method->name, "none") == 0) | ||
609 | continue; | ||
610 | if (method->enabled != NULL && *(method->enabled) != 0) { | ||
611 | if (list[0] != '\0') | ||
612 | strlcat(list, DELIM, size); | ||
613 | strlcat(list, method->name, size); | ||
614 | } | 602 | } |
615 | } | 603 | } |
604 | buffer_append(&b, "\0", 1); | ||
605 | list = xstrdup(buffer_ptr(&b)); | ||
606 | buffer_free(&b); | ||
616 | return list; | 607 | return list; |
617 | } | 608 | } |
618 | 609 | ||
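Review bot: The separator is hard-coded in `buffer_append(&b, ",", 1);` where the removed lines used `DELIM`. Unlike the sshconnect2.c section, this one does not show `#define DELIM` being removed, so if the macro is still used elsewhere in auth2.c (not visible here) the list separator is now spelled in two places. Keeping `buffer_append(&b, DELIM, strlen(DELIM));`, or removing the macro in the same change, would avoid the split.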
@@ -23,8 +23,9 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: compat.c,v 1.56 2001/12/19 07:18:56 deraadt Exp $"); | 26 | RCSID("$OpenBSD: compat.c,v 1.57 2002/01/13 17:57:37 markus Exp $"); |
27 | 27 | ||
28 | #include "buffer.h" | ||
28 | #include "packet.h" | 29 | #include "packet.h" |
29 | #include "xmalloc.h" | 30 | #include "xmalloc.h" |
30 | #include "compat.h" | 31 | #include "compat.h" |
@@ -182,24 +183,25 @@ proto_spec(const char *spec) | |||
182 | char * | 183 | char * |
183 | compat_cipher_proposal(char *cipher_prop) | 184 | compat_cipher_proposal(char *cipher_prop) |
184 | { | 185 | { |
186 | Buffer b; | ||
185 | char *orig_prop, *fix_ciphers; | 187 | char *orig_prop, *fix_ciphers; |
186 | char *cp, *tmp; | 188 | char *cp, *tmp; |
187 | size_t len; | ||
188 | 189 | ||
189 | if (!(datafellows & SSH_BUG_BIGENDIANAES)) | 190 | if (!(datafellows & SSH_BUG_BIGENDIANAES)) |
190 | return(cipher_prop); | 191 | return(cipher_prop); |
191 | 192 | ||
192 | len = strlen(cipher_prop) + 1; | 193 | buffer_init(&b); |
193 | fix_ciphers = xmalloc(len); | ||
194 | *fix_ciphers = '\0'; | ||
195 | tmp = orig_prop = xstrdup(cipher_prop); | 194 | tmp = orig_prop = xstrdup(cipher_prop); |
196 | while ((cp = strsep(&tmp, ",")) != NULL) { | 195 | while ((cp = strsep(&tmp, ",")) != NULL) { |
197 | if (strncmp(cp, "aes", 3) && strncmp(cp, "rijndael", 8)) { | 196 | if (strncmp(cp, "aes", 3) && strncmp(cp, "rijndael", 8)) { |
198 | if (*fix_ciphers) | 197 | if (buffer_len(&b) > 0) |
199 | strlcat(fix_ciphers, ",", len); | 198 | buffer_append(&b, ",", 1); |
200 | strlcat(fix_ciphers, cp, len); | 199 | buffer_append(&b, cp, strlen(cp)); |
201 | } | 200 | } |
202 | } | 201 | } |
202 | buffer_append(&b, "\0", 1); | ||
203 | fix_ciphers = xstrdup(buffer_ptr(&b)); | ||
204 | buffer_free(&b); | ||
203 | xfree(orig_prop); | 205 | xfree(orig_prop); |
204 | debug2("Original cipher proposal: %s", cipher_prop); | 206 | debug2("Original cipher proposal: %s", cipher_prop); |
205 | debug2("Compat cipher proposal: %s", fix_ciphers); | 207 | debug2("Compat cipher proposal: %s", fix_ciphers); |
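Review bot: compat_cipher_proposal has no comment saying who owns the result, and the two paths differ: the early `return(cipher_prop);` hands back the caller's own pointer, while the filtered path builds `fix_ciphers` with `xstrdup`. The final return lies outside this hunk, but assuming it returns `fix_ciphers`, a caller cannot free the result unconditionally. I would add above the function `/* Returns cipher_prop itself when no fixup applies, else a new xstrdup()ed list; do not xfree() the result unconditionally. */`. The hunk also does not show what happens when every entry is filtered out and `fix_ciphers` is the empty string; it is worth confirming that case is rejected before the proposal is used.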
diff --git a/sshconnect2.c b/sshconnect2.c index a565f73cc..3e5ca7ad1 100644 --- a/sshconnect2.c +++ b/sshconnect2.c | |||
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: sshconnect2.c,v 1.92 2001/12/28 15:06:00 markus Exp $"); | 26 | RCSID("$OpenBSD: sshconnect2.c,v 1.93 2002/01/13 17:57:37 markus Exp $"); |
27 | 27 | ||
28 | #include <openssl/bn.h> | 28 | #include <openssl/bn.h> |
29 | #include <openssl/md5.h> | 29 | #include <openssl/md5.h> |
@@ -991,22 +991,23 @@ authmethod_get(char *authlist) | |||
991 | } | 991 | } |
992 | } | 992 | } |
993 | 993 | ||
994 | |||
995 | #define DELIM "," | ||
996 | |||
997 | static char * | 994 | static char * |
998 | authmethods_get(void) | 995 | authmethods_get(void) |
999 | { | 996 | { |
1000 | Authmethod *method = NULL; | 997 | Authmethod *method = NULL; |
1001 | char buf[1024]; | 998 | Buffer b; |
999 | char *list; | ||
1002 | 1000 | ||
1003 | buf[0] = '\0'; | 1001 | buffer_init(&b); |
1004 | for (method = authmethods; method->name != NULL; method++) { | 1002 | for (method = authmethods; method->name != NULL; method++) { |
1005 | if (authmethod_is_enabled(method)) { | 1003 | if (authmethod_is_enabled(method)) { |
1006 | if (buf[0] != '\0') | 1004 | if (buffer_len(&b) > 0) |
1007 | strlcat(buf, DELIM, sizeof buf); | 1005 | buffer_append(&b, ",", 1); |
1008 | strlcat(buf, method->name, sizeof buf); | 1006 | buffer_append(&b, method->name, strlen(method->name)); |
1009 | } | 1007 | } |
1010 | } | 1008 | } |
1011 | return xstrdup(buf); | 1009 | buffer_append(&b, "\0", 1); |
1010 | list = xstrdup(buffer_ptr(&b)); | ||
1011 | buffer_free(&b); | ||
1012 | return list; | ||
1012 | } | 1013 | } |
@@ -40,7 +40,7 @@ | |||
40 | */ | 40 | */ |
41 | 41 | ||
42 | #include "includes.h" | 42 | #include "includes.h" |
43 | RCSID("$OpenBSD: sshd.c,v 1.222 2001/12/28 14:50:54 markus Exp $"); | 43 | RCSID("$OpenBSD: sshd.c,v 1.223 2002/01/13 17:57:37 markus Exp $"); |
44 | 44 | ||
45 | #include <openssl/dh.h> | 45 | #include <openssl/dh.h> |
46 | #include <openssl/bn.h> | 46 | #include <openssl/bn.h> |
@@ -480,9 +480,11 @@ destroy_sensitive_data(void) | |||
480 | static char * | 480 | static char * |
481 | list_hostkey_types(void) | 481 | list_hostkey_types(void) |
482 | { | 482 | { |
483 | static char buf[1024]; | 483 | Buffer b; |
484 | char *p; | ||
484 | int i; | 485 | int i; |
485 | buf[0] = '\0'; | 486 | |
487 | buffer_init(&b); | ||
486 | for (i = 0; i < options.num_host_key_files; i++) { | 488 | for (i = 0; i < options.num_host_key_files; i++) { |
487 | Key *key = sensitive_data.host_keys[i]; | 489 | Key *key = sensitive_data.host_keys[i]; |
488 | if (key == NULL) | 490 | if (key == NULL) |
@@ -490,16 +492,18 @@ list_hostkey_types(void) | |||
490 | switch (key->type) { | 492 | switch (key->type) { |
491 | case KEY_RSA: | 493 | case KEY_RSA: |
492 | case KEY_DSA: | 494 | case KEY_DSA: |
493 | strlcat(buf, key_ssh_name(key), sizeof buf); | 495 | if (buffer_len(&b) > 0) |
494 | strlcat(buf, ",", sizeof buf); | 496 | buffer_append(&b, ",", 1); |
497 | p = key_ssh_name(key); | ||
498 | buffer_append(&b, p, strlen(p)); | ||
495 | break; | 499 | break; |
496 | } | 500 | } |
497 | } | 501 | } |
498 | i = strlen(buf); | 502 | buffer_append(&b, "\0", 1); |
499 | if (i > 0 && buf[i-1] == ',') | 503 | p = xstrdup(buffer_ptr(&b)); |
500 | buf[i-1] = '\0'; | 504 | buffer_free(&b); |
501 | debug("list_hostkey_types: %s", buf); | 505 | debug("list_hostkey_types: %s", p); |
502 | return buf; | 506 | return p; |
503 | } | 507 | } |
504 | 508 | ||
505 | static Key * | 509 | static Key * |
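Review bot: list_hostkey_types now returns heap memory (`p = xstrdup(buffer_ptr(&b));`) where it used to return a pointer into `static char buf[1024]`, so every caller becomes responsible for freeing the result. The callers are not in this section; any that kept the old assumption will leak one string per call, which matters if the function runs once per connection. I would document the contract above the function, `/* Returns a newly allocated comma-separated list; caller must xfree() it. */`, and check each call site. Separately, `p` serves both as the per-key name and as the return value; a second local for the result would read more clearly.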